<?php

/* 
 * Copyright (C) 2007 Revodes <http://www.revodes.com/>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

class Database {
	
	private $core;
	var $connection;
	var $connected = true;
	var $error;
	
	function Database($core) {
		@$this->connection = mysql_pconnect($core->config->config["dbhost"], $core->config->config["dbuser"], $core->config->config["dbpass"]) or $this->connected = false; $this->error = mysql_error();
		if ($this->connected == true)
			@mysql_select_db($core->config->config["dbname"], $this->connection) or $this->connected = false; $this->error = mysql_error();
	}
	
	// @todo: better error handling / processing.
	function sql_query($query) {
		$s = mysql_query($query, $this->connection) or $this->error = mysql_error();
		return $s;
	}
	
	function get_navigation() {
		$query = $this->sql_query("SELECT `navid`,`name`,`link`,`memonly` FROM `navigation` ORDER BY `order` ASC");
		$comments = array();
		while ($row = mysql_fetch_assoc($query)) {
			array_push($comments, $row);
		}
		
		return $comments;
	}
	
	function get_news() {
		$query = $this->sql_query("SELECT `postid`,`userid`,`timestamp`,`title`,`body` FROM `news` ORDER BY `postid` DESC");
		$news = array();
		while ($row = mysql_fetch_assoc($query)) {
			$s = $this->sql_query("SELECT COUNT(*) FROM `comments` WHERE `newsid`='".$row["postid"]."'");
			$r = mysql_fetch_row($s);
			$row["comments"] = $r[0];
			array_push($news, $row);
		}
		return $news;
	}
	
	function get_comments($id) {
		$query = $this->sql_query("SELECT `commentid`,`username`,`timestamp`,`title`,`body` FROM `comments` WHERE `newsid`='$id' ORDER BY `commentid` DESC");
		$comments = array();
		while ($row = mysql_fetch_assoc($query)) {
			array_push($comments, $row);
		}
		
		return $comments;
	}
	
	function add_news($title,$body) {
		global $core;
		$userid = $_SESSION["userid"];
		$timestamp = time();
		$title = $core->strip($title);
		$body = $core->strip($body);
		
		if (empty($title))
			return 0;
		if (empty($body))
			return 0;
		
		$query = $this->sql_query("INSERT INTO `news` SET `userid`='$userid',`timestamp`='$timestamp',`title`='$title',`body`='$body'");
		
		if (!$query)
			return 0;
		else
			return 1;
	}
	
	function add_comment($postid,$name,$title,$body) {
		global $core;
		$postid = $core->strip($postid);
		$name = $core->strip($name);
		$timestamp = time();
		$title = $core->strip($title);
		$body = $core->strip($body);
		
		if (empty($name))
			return 0;
		if (empty($title))
			return 0;
		if (empty($body))
			return 0;
		
		$query = $this->sql_query("INSERT INTO `comments` SET `newsid`='$postid', `username`='$name',`timestamp`='$timestamp',`title`='$title',`body`='$body'");
		
		if (!$query)
			return 0;
		else
			return 1;
	}
	
	function news_delete($id) {
		$postid = 0 + $id;
		$query = $this->sql_query("DELETE FROM `news` WHERE `postid`='$postid' LIMIT 1;");
		@$this->sql_query("DELETE FROM `comments` WHERE `newsid`='$postid'");
		if (!$query)
			return 0;
		else
			return 1;
	}
	
	function checkLogin($username, $password) {
		$query = $this->sql_query("SELECT `password` FROM `users` WHERE `username`='$username'");
		if (!$query) return 0;
		$row = mysql_fetch_row($query);
		$dbpass = $row[0];
		if ($dbpass == md5($password)) return 1;
		else return 0;
	}
	
	function confirmUser($username,$password) {
		$query = $this->sql_query("SELECT `password` FROM `users` WHERE `username`='$username'");
		if (!$query) return 0;
		$dbpass = @mysql_result($query,0);
		if ($dbpass == md5($password)) {
			return 1;
		}
		else return 0;
	}
	
	function addUser($username, $password,$email) {
		global $core;
		$username = $core->strip($username);
		$password = md5($core->strip($password));
		$email = $core->strip($email);
		$register_ip = $_SERVER['REMOTE_ADDR'];
		$register_timestamp = time();
		
		$query = $this->sql_query("INSERT INTO `users` SET `username`='$username',`password`='$password',`email`='$email',`register_ip`='$register_ip',`register_timestamp`='$register_timestamp'");
		if(!$query)
			return 0;
		else
			return 1;
	}
	
	function getInfo($select, $from, $where, $wherevalue) {
		$query = $this->sql_query("SELECT `$select` FROM `$from` WHERE `$where`='$wherevalue'");
		$row = mysql_fetch_row($query);
		return $row[0];
	}
	
	function get_statistics() {
		$query = $this->sql_query("SELECT COUNT(*) FROM `users`");
		$rows = mysql_fetch_row($query);
		
		$statistics = array();
		$statistics["users"] = $rows[0];
		return $statistics;
	}
	
	function latest_poll() {
		$query = $this->sql_query("SELECT `pollid`,`question` FROM `polls` ORDER BY `pollid` DESC LIMIT 1;");
		$rows = mysql_fetch_row($query);
		$poll = array("pollid" => $rows[0], "question" => $rows[1]);
		return $poll;
	}
	
	function get_poll($pollid) {
		$query = $this->sql_query("SELECT `choice`,`activity`,`votes` FROM `polls_votes` WHERE `pollid`='$pollid'");
		$query2 = $this->sql_query("SELECT SUM(votes) AS sumvotes FROM `polls_votes` WHERE `pollid`='$pollid' LIMIT 1;");
		$polls = array();
		while ($row = mysql_fetch_assoc($query)) {
			$r = mysql_fetch_row($query2);
			$row["sumvotes"] = $r[0];
			
			array_push($polls, $row);
		}
		
		return $polls;
	}
	
	function addvote($pollid, $vote) {
		$query = $this->sql_query("UPDATE `polls_votes` SET `votes`=`votes` + 1 WHERE `pollid`='$pollid' AND `choice`='$vote' LIMIT 1;");
		
		if(!$query)
			return 0;
		else
			return 1;
	}
	
}

?>